Azure Cloud, DevOps resources and blog
-
How Microsoft Entra ID is used as a directory for cloud apps
Microsoft Entra ID (formerly Azure Active Directory, or Azure AD) is used as a cloud-based directory service that manages and secures user identities, access, and permissions for cloud applications. It serves as a central identity provider for applications, services, and resources both within Microsoft’s ecosystem… [ Read more ]
-
Azure Virtual Network explained in detail
Azure Virtual Network (VNet) is one of the fundamental building blocks in Azure that allows you to securely connect Azure resources to each other, the internet, and on-premises environments. It provides a private network where you can define and control the IP addressing, DNS settings,… [ Read more ]
-
Compare Microsoft Entra ID to Active Directory Domain Services (AD DS)
Microsoft Entra ID (formerly Azure Active Directory, or Azure AD) and Active Directory Domain Services (AD DS) are both identity and access management solutions provided by Microsoft, but they serve different purposes and are designed for different environments. Below is a comparison of the two:… [ Read more ]
-
Subnets and Subnetting in Azure – Features and Use-cases
In Azure, subnets are an integral part of your Virtual Network (VNet) architecture. Subnets allow you to partition a VNet's IP address space into smaller, more manageable segments. Subnetting helps you organize and control the flow of network traffic, segment security policies, and ensure efficient… [ Read more ]
-
Know everything about Azure Virtual Network – Features and Components
An Azure Virtual Network (VNet) is one of the foundational building blocks for your private network in Azure. It allows Azure resources to securely communicate with each other, the internet, and on-premises networks. Azure VNets provide isolation, segmentation, and secure communication between virtual machines (VMs),… [ Read more ]
-
How to create customer-managed keys (CMK) using Azure Key Vault
Creating customer-managed keys (CMK) in Azure involves using Azure Key Vault to generate and manage encryption keys. These keys are then associated with a storage account to encrypt data. Below is a step-by-step guide. Prerequisites 1. Azure Subscription You must have an active Azure subscription.… [ Read more ]
-
How to create DNS zone and an A record by using Azure DNS
Below is a step-by-step guide for creating a DNS zone and adding an A (Address) Record using the Azure Portal. Prerequisites An active Azure subscription. A domain name (optional, for public zones). Step 1: Create a DNS Zone Sign in to Azure Portal: Navigate to… [ Read more ]
-
How to create Shared Access Signatures (SAS) in Azure
A Shared Access Signature (SAS) in Azure allows secure, time-limited access to resources in a storage account without exposing the storage account's access keys. Here’s a step-by-step guide to creating a SAS. Prerequisites You need an Azure Storage account. Ensure you have the required permissions… [ Read more ]
-
How to determine NSG Rules in Azure
What is a Network Security Group (NSG)? An NSG (Network Security Group) is a set of security rules that allow or deny traffic to Azure resources, such as Virtual Machines (VMs) and subnets. The rules in an NSG specify which traffic is allowed to flow… [ Read more ]
-
How to dynamically resolve resource name by using Alias record in Azure
Alias records in Azure DNS allow DNS names to point directly to Azure resources, such as Azure public IPs, Traffic Manager profiles, or Azure Content Delivery Network (CDN) endpoints. They dynamically resolve to the current IP address or endpoint of the target resource, eliminating the… [ Read more ]
-
How to extend peering with User-Defined Routes (UDRs) and Service Chaining
Extending VNet Peering with User-Defined Routes (UDRs) and Service Chaining enables advanced traffic management and network customization. This guide explains how to implement these features effectively. Key Concepts VNet Peering Direct connectivity between VNets in Azure, enabling seamless communication. User-Defined Routes (UDRs) Custom routing rules… [ Read more ]
-
How to identify URI and SAS parameters in Azure
Identifying and understanding the components of a URI (Uniform Resource Identifier) with a Shared Access Signature (SAS) in Azure is essential for working with secure access to Azure Storage resources. Here's how you can identify and interpret the URI and SAS parameters. Structure of a… [ Read more ]
-
How to implement Application Security Groups (ASG) in Azure virtual network
Application Security Groups (ASGs) in Azure allow you to manage and group virtual machines (VMs) based on their application roles for network security. They help you simplify the management of security rules without worrying about IP address assignments or VM scale set updates. Instead of… [ Read more ]
-
How to implement Service Endpoints in Azure
To implement Service Endpoints in Azure, follow these steps. Service Endpoints allow you to securely connect virtual network (VNet) subnets to Azure services like Azure Storage, Azure SQL Database, and others, without needing a public IP address. Steps to Implement Service Endpoints Step 1: Prepare… [ Read more ]